基于蜜罐的Web服务入侵攻击模式分析与签名提取

N. Dagdee, Urjita Thakar
{"title":"基于蜜罐的Web服务入侵攻击模式分析与签名提取","authors":"N. Dagdee, Urjita Thakar","doi":"10.1109/ICETET.2008.192","DOIUrl":null,"url":null,"abstract":"With the increasing popularity of Web services, attackers are getting attracted to hack the Web services and the servers on which they run. One of the major threats is that of intruders which may maliciously try to access the data or services. Thus there is a need to protect the servers on which Web services are running from intruders. Therefore, intrusion detection systems need to be employed. Signature based IDS are popularly being used. Honeypots are a highly flexible security tool with differing applications for security. They are a security resource that does not have any production or authorized activity but have an important use in intrusion prevention, detection and information gathering. Honeypot collects very little data and what it collects is normally of high value. This information can be used in extraction of intrusion detection signature. In this paper we have proposed a method to analyze the attacks and generate signatures for Web services.","PeriodicalId":269929,"journal":{"name":"2008 First International Conference on Emerging Trends in Engineering and Technology","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"Intrusion Attack Pattern Analysis and Signature Extraction for Web Services Using Honeypots\",\"authors\":\"N. Dagdee, Urjita Thakar\",\"doi\":\"10.1109/ICETET.2008.192\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the increasing popularity of Web services, attackers are getting attracted to hack the Web services and the servers on which they run. One of the major threats is that of intruders which may maliciously try to access the data or services. Thus there is a need to protect the servers on which Web services are running from intruders. Therefore, intrusion detection systems need to be employed. Signature based IDS are popularly being used. Honeypots are a highly flexible security tool with differing applications for security. They are a security resource that does not have any production or authorized activity but have an important use in intrusion prevention, detection and information gathering. Honeypot collects very little data and what it collects is normally of high value. This information can be used in extraction of intrusion detection signature. In this paper we have proposed a method to analyze the attacks and generate signatures for Web services.\",\"PeriodicalId\":269929,\"journal\":{\"name\":\"2008 First International Conference on Emerging Trends in Engineering and Technology\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-07-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 First International Conference on Emerging Trends in Engineering and Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICETET.2008.192\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 First International Conference on Emerging Trends in Engineering and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICETET.2008.192","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 17

摘要

随着Web服务的日益普及,攻击者越来越倾向于攻击Web服务及其运行的服务器。其中一个主要威胁是入侵者可能会恶意尝试访问数据或服务。因此,需要保护运行Web服务的服务器免受入侵者的攻击。因此,需要采用入侵检测系统。基于签名的入侵检测被广泛使用。蜜罐是一种高度灵活的安全工具,具有不同的安全应用程序。它们是一种没有任何生产或授权活动,但在入侵防御、检测和信息收集等方面具有重要用途的安全资源。Honeypot收集的数据很少,而它收集的数据通常具有很高的价值。该信息可用于入侵检测签名的提取。本文提出了一种针对Web服务的攻击分析和签名生成方法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Intrusion Attack Pattern Analysis and Signature Extraction for Web Services Using Honeypots
With the increasing popularity of Web services, attackers are getting attracted to hack the Web services and the servers on which they run. One of the major threats is that of intruders which may maliciously try to access the data or services. Thus there is a need to protect the servers on which Web services are running from intruders. Therefore, intrusion detection systems need to be employed. Signature based IDS are popularly being used. Honeypots are a highly flexible security tool with differing applications for security. They are a security resource that does not have any production or authorized activity but have an important use in intrusion prevention, detection and information gathering. Honeypot collects very little data and what it collects is normally of high value. This information can be used in extraction of intrusion detection signature. In this paper we have proposed a method to analyze the attacks and generate signatures for Web services.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Traffic Analysis of MPLS and Non MPLS Network including MPLS Signaling Protocols and Traffic Distribution in OSPF and MPLS Texture and Wavelet-Based Spoof Fingerprint Detection for Fingerprint Biometric Systems Cmos Mixed Signal Design of Fuzzy Logic Based Systems QoS Aware Stable path Routing (QASR) Protocol for MANETs ASIC Implementation of 4 Bit Multipliers
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1